4301abae1a62f87b1c51acc6a6b4f2c3926a248b4aa9c04b734cef550196c030 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4301abae1a62f87b1c51acc6a6b4f2c3926a248b4aa9c04b734cef550196c030
Size

5KB
MD5

f0f2731cabf1c1a6381d0cd265c937bd
SHA1

cc402936b3d6fa5db14b54f0065404d975f2aeb5
SHA256

4301abae1a62f87b1c51acc6a6b4f2c3926a248b4aa9c04b734cef550196c030
SHA512

ac085929aa1ab4725c09b74d37505f1efa0768c1ef5160ec5fa50c459b844a52f61341f40fc7c92e549a9e48bece83a0d31104156c3518be16fb9625823bba30
SSDEEP

96:hI6wUrBdlR6haHA5xKZ6zLo5sgD801tyTTGjnJd:hNdlcaHA5jU5sq51t+T4Jd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4301abae1a62f87b1c51acc6a6b4f2c3926a248b4aa9c04b734cef550196c030

Files

4301abae1a62f87b1c51acc6a6b4f2c3926a248b4aa9c04b734cef550196c030
.dll windows:6 windows x86 arch:x86

e1e7fcdd0e5ef0cb9b3cf1e5e4ea238a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
lstrcpyA
GetSystemDirectoryA
CopyFileA
lstrcatA
GetEnvironmentVariableA

advapi32

RegSetValueExA
StartServiceA
OpenServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
ChangeServiceConfig2A
RegCloseKey
RegCreateKeyExA

user32

wsprintfA

Exports

Exports

WTSQueryUserToken

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ